In the Claims : 



Please amend claims 1, 3, 4, 6, 7, 9, 17, 19, 20, 22, 23, 25, 33, 35, 36, 38, 39 and 
41, and please cancel claims 2, 5, 8, 18, 21, 24, 34, 37 and 40, as indicated below. 

1. (Currently amended) A method for accessing a service in a distributed 
computing environment, comprising: 

a client locating a first service within the distributed computing environment, 
wherein the first service provides a plurality of capabilities to clients 
executing in the distributed computing environmen t, wherein the client 
locating a first service comprises the client receiving an advertisement for 
the first service, wherein said advertisement describes the plurality of 
capabilities of the first service ; 

the client requesting a capability credential to allow the client access to a portion 
of the first service's capabilities, wherein said requesting a capability 
credential comprises the client sending a capability credential request 
message indicating a set of desired capabilities , wherein said capability 
credential request message comprises an identification of said first service 
and an indication of the set of desired capabilities, wherein said indication 
of the set of desired capabilities comprises an indication of said 
advertisement, and wherein said indication of said advertisement in said 
capability credential request message is a version of said advertisement 
edited to describe only said set of desired capabilities ; 

the client receiving said capability credential, wherein said capability credential 
indicates that the client has the right to use only said portion of the first 
service's capabilities, wherein said portion of the first service's 
capabilities is less than a total of the plurality of capabilities provided by 
the first service; and 



11/008,692 (6000-33100/SUN041115) 



2 



Meyertons, Hood, Kivlin, Kowert & Goetzel, P.C. 



the client using said capability credential to access one or more of said portion of 
the first service's capabilities. 

2. (Canceled) 

3. (Currently amended) The method as recited in claim [[2]] 1, wherein said 
identification of said first service comprises a Universal Unique Identifier (UUID). 

4. (Currently amended) The method as recited in claim [[2]] 1, wherein said 
capability credential request message is formatted in extensible Markup Language 
(XML). 

5. (Canceled) 

6. (Currently amended) The method as recited in claim [[5]] 1, wherein said 
indication of said advertisement is said advertisement itself. 

7. (Currently amended) The method as recited in claim [[5]] 1, wherein said 
indication of said advertisement is a Uniform Resource Identifier (URI) to said 
advertisement. 

8. (Canceled) 

9. (Currently amended) The method as recited in claim [[5]] 1, wherein said 
advertisement is a protected advertisement that describes the first service's capabilities 
but does not provide an interface to the first service's capabilities. 

10. (Original) The method as recited in claim 1, further comprising: 
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the client receiving a protected advertisement for the first service, wherein said 
protected advertisement indicates an address for sending said capability 
credential request message to; and 

wherein said requesting a capability credential comprises the client sending a 
capability credential request message to said address indicated in said 
protected advertisement. 

11. (Original) The method as recited in claim 10, wherein said address indicated 
in said protected advertisement is for an authentication service, wherein said sending a 
capability credential request message comprises sending said capability credential request 
message to said authentication service, the method further comprising the authentication 
service sending a credential request response message to the client in response to said 
capability credential request message. 

12. (Original) The method as recited in claim 11, wherein said credential request 
response message includes said capability credential, wherein said receiving said 
capability credential comprises receiving said capability credential from said 
authentication service in said credential request response message. 

13. (Original) The method as recited in claim 1, further comprising: 

the client receiving a protected advertisement for the first service, wherein said 
protected advertisement indicates an authentication service; and 

wherein said requesting a capability credential comprises the client requesting a 
capability credential from said authentication service. 

14. (Original) The method as recited in claim 13, the method further comprising: 
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said authentication service determining a level of the first service's capabilities 
that the client is authorized to use; 

said authentication service generating said capability credential according to said 
level and said set of desired capabilities; and 

said authentication service sending said capability credential to the client, wherein 
said portion of the first service's capabilities that said capability credential 
indicates that the client has a right to use is no more than said set of 
desired capabilities. 

15. (Original) The method as recited in claim 14, wherein said portion of the first 
service's capabilities that said capability credential indicates that the client has a right to 
use is the lesser of said level of the first service's capabilities that the client is authorized 
to use and said set of desired capabilities. 

16. (Original) The method as recited in claim 1, wherein said using said 
capability credential to access one or more of said portion of the first services capabilities 
comprises the client sending a message to the first service to access a first capability, 
wherein the message includes said capability credential, the method further comprising 
the first service authenticating said capability credential received in the message to verify 
that the client has the right to use said first capability. 

17. (Currently amended) A client device, comprising: 
a connection to a distributed computing environment; 

an interface coupled to said connection and configured to locate a first service 
within the distributed computing environment, wherein the first services 
provides a plurality of capabilities to clients executing in the distributed 
computing environment , wherein the interface is configured to receive an 
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advertisement for the first service, wherein said advertisement describes 
the plurality of capabilities of the first service ; 

wherein the interface is further configured to send a capability credential request 
message over the connection to request a capability credential for a set of 
desired capabilities to allow a client on the client device access to a 
portion of the first service's capabilities , wherein said capability credential 
request message comprises an identification of said first service and an 
indication of the set of desired capabilities, wherein said indication of the 
set of desired capabilities comprises an indication of said advertisement, 
and wherein said indication of said advertisement in said capability 
credential request message is a version of said advertisement edited to 
describe only said set of desired capabilities ; 

wherein the interface is further configured to receive over the connection said 
capability credential, wherein said capability credential indicates that the 
client has the right to use only said portion of the first service's 
capabilities, wherein said portion of the first service's capabilities is less 
that a total of the plurality of capabilities provided by the first service; and 

wherein the interface is further configured to use said capability credential to 
access one or more of said portion of the first service's capabilities. 

18. (Canceled) 

19. (Currently amended) The client device as recited in claim [[18]] 17, wherein 
said identification of said first service comprises a Universal Unique Identifier (UUID). 

20. (Currently amended) The client device as recited in claim [[18]] 17, wherein 
said capability credential request message is formatted in extensible Markup Language 
(XML). 
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21. (Canceled) 



22. (Currently amended) The client device as recited in claim [[21]] 17, wherein 
said indication of said advertisement is said advertisement itself. 

23. (Currently amended) The client device as recited in claim [[22]] 17, wherein 
said indication of said advertisement is a Uniform Resource Identifier (URI) to said 
advertisement. 

24. (Canceled) 

25. (Currently amended) The client device as recited in claim [[21]] 17, wherein 
said advertisement is a protected advertisement that describes the first service's 
capabilities but does not provide an interface to the first service's capabilities. 

26. (Original) The client device as recited in claim 17, wherein the interface is 
further configured to receive a protected advertisement for the first service, wherein said 
protected advertisement indicates an address for sending said capability credential request 
message to, and wherein the interface is configured to request a capability credential by 
sending a capability credential request message to said address indicated in said protected 
advertisement. 

27. (Original) The client device as recited in claim 26, wherein said address 
indicated in said protected advertisement is for an authentication service, wherein said 
sending a capability credential request message comprises sending said capability 
credential request message to said authentication service. 

28. (Original) The client device as recited in claim 27, wherein the interface is 
configured to receive said capability credential from said authentication service in a 
credential request response message. 
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29. (Original) The client device as recited in claim 17, wherein the interface is 
further configure to: 

receive a protected advertisement for the first service, wherein said protected 
advertisement indicates an authentication service; and 

request a capability credential by requesting a capability credential from said 
authentication service. 

30. (Original) The client device as recited in claim 29, wherein said portion of 
the first service's capabilities that said capability credential indicates that the client has a 
right to use is the lesser of said level of the first service's capabilities that the client is 
authorized to use and said set of desired capabilities. 

31. (Original) The client device as recited in claim 17, wherein the interface is 
configured to use said capability credential to access one or more of said portion of the 
first services capabilities for said client by sending a message to the first service to access 
a first capability, wherein the message includes said capability credential so that the first 
service may authenticate said capability credential received in the message to verify that 
the client has the right to use said first capability. 

32. (Original) The client device as recited in claim 17, wherein said interface 
comprises one or more processes executable on a processor within the client device. 

33. (Currently amended) A tangible, computer accessible storage medium 
comprising program instructions, wherein the program instructions are computer- 
executable on a client device to implement: 

locating a first service within the distributed computing environment, wherein the 
first service provides a plurality of capabilities , wherein locating the first 
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service comprises receiving an advertisement for the first service, wherein 
said advertisement describes the plurality of capabilities of the first 
service ; 



requesting a capability credential to allow a client on the client device access to a 
portion of the first service's capabilities, wherein said requesting a 
capability credential comprises the client sending a capability credential 
request message indicating a set of desired capabilities , wherein said 
capability credential request message comprises an identification of said 
first service and an indication of the set of desired capabilities, wherein 
said indication of the set of desired capabilities comprises an indication of 
said advertisement, and wherein said indication of said advertisement in 
said capability credential request message is a version of said 
advertisement edited to describe only said set of desired capabilities ; 

receiving said capability credential, wherein said capability credential indicates 
that the client has the right to use only said portion of the first service's 
capabilities, wherein said portion of the first service's capabilities is less 
than a total of the plurality of capabilities provided by the first service; and 

using said capability credential to access one or more of said portion of the first 
service's capabilities. 



34. (Canceled) 



35. (Currently amended) The tangible, computer accessible medium as recited in 
claim [[34]] 33, wherein said identification of said first service comprises a Universal 
Unique Identifier (UUID). 
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36. (Currently amended) The tangible, computer accessible medium as recited in 
claim [[34]] 33, wherein said capability credential request message is formatted in 
extensible Markup Language (XML). 

37. (Canceled) 

38. (Currently amended) The tangible, computer accessible medium as recited in 
claim [[37]] 33, wherein said indication of said advertisement is said advertisement itself. 

39. (Currently amended) The tangible, computer accessible medium as recited in 
claim [[37]] 33, wherein said indication of said advertisement is a Uniform Resource 
Identifier (URI) to said advertisement. 

40. (Canceled) 

41. (Currently amended) The tangible, computer accessible medium as recited in 
claim [[37]] 33, wherein said advertisement is a protected advertisement that describes 
the first service's capabilities but does not provide an interface to the first service's 
capabilities. 

42. (Previously presented) The tangible, computer accessible medium as recited 
in claim 33, wherein the program instructions are computer-executable on the client 
device to further implement: 

receiving a protected advertisement for the first service, wherein said protected 
advertisement indicates an address for sending said capability credential 
request message to; and 

wherein said requesting a capability credential comprises the client sending a 
capability credential request message to said address indicated in said 
protected advertisement. 
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43. (Previously presented) The tangible, computer accessible medium as recited 
in claim 42, wherein said address indicated in said protected advertisement is for an 
authentication service, wherein said sending a capability credential request message 
comprises sending said capability credential request message to said authentication 
service. 

44. (Previously presented) The tangible, computer accessible medium as recited 
in claim 43, wherein said receiving said capability credential comprises receiving said 
capability credential from said authentication service in a credential request response 
message. 

45. (Previously presented) The tangible, computer accessible medium as recited 
in claim 33, wherein the program instructions are computer-executable on the client 
device to further implement: 

receiving a protected advertisement for the first service, wherein said protected 
advertisement indicates an authentication service; and 

wherein said requesting a capability credential comprises the client requesting a 
capability credential from said authentication service. 

46. (Previously presented) The tangible, computer accessible medium as recited 
in claim 45, wherein said portion of the first service's capabilities that said capability 
credential indicates that the client has a right to use is the lesser of said level of the first 
service's capabilities that the client is authorized to use and said set of desired 
capabilities. 

47. (Previously presented) The tangible, computer accessible medium as recited 
in claim 33, wherein said using said capability credential to access one or more of said 
portion of the first services capabilities comprises the client sending a message to the first 
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service to access a first capability, wherein the message includes said capability 
credential so that the first service may authenticate said capability credential received in 
the message to verify that the client has the right to use said first capability. 
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